PT-2023-25204 · Unknown · Chamilo Lms

Name of the Vulnerable Software and Affected Versions: Chamilo LMS versions prior to 1.11.20 Description: The issue concerns a path traversal vulnerability in the file upload functionality, specifically in the /main/webservices/additional webservices.php endpoint. This allows unauthenticated...

Chamilo LMS Security Vulnerability

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS v1.11.20 and earlier versions,...

Chamilo LMS Security Vulnerability

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, distance training, and online question and answer sessions. A security vulnerability exists in Chamilo LMS v1.11.20 and earlier versions,...

CVE-2023-39061

Cross Site Request Forgery CSRF vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code...

PT-2023-25776 · Chamilo · Chamilo

Name of the Vulnerable Software and Affected Versions: Chamilo versions 1.11.x up to 1.11.20 Description: The issue allows users with admin privilege accounts to insert XSS in the careers and promotions management section. This can potentially lead to malicious script execution. Recommendations:...

Chamilo 跨站脚本漏洞

Chamilo LMS is an open source online learning and collaboration system from the Chamilo Association. The system supports the creation of instructional content, remote training, and online question and answer sessions. A cross-site scripting vulnerability exists in Chamilo versions 1.11.x through...

SUSE CVE-2005-0753

Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code...

WordPress plugin Broken Link Checker 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

GHSA-XGGX-FX6W-V7CH Improper Neutralization of Wildcards or Matching Symbols

This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted...

Improper Neutralization of Wildcards or Matching Symbols

This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted...

Design/Logic Flaw

This affects Spring Data JPA in versions up to and including 2.1.6, 2.0.14 and 1.11.20. ExampleMatcher using ExampleMatcher.StringMatcher.STARTING, ExampleMatcher.StringMatcher.ENDING or ExampleMatcher.StringMatcher.CONTAINING could return more results than anticipated when a maliciously crafted...

security flaw

Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code...